tcpdump gives encrypted results

Question

If I run the following: tcpdump -A -w /tmp/apache_outgoing.pcap trigger an event and then look at the pcap file I see something like:

�y�<�*�^L�cM9��^U^MK

Is there any way to make the tool human readable output?

How are you looking at the pcap file? It's not meant to be human-readable. Just use tcpdump to read it again. Or use wireshark. — EEAA, May 05 '17 at 10:28

score 1 · Answer 1 · answered May 05 '17 at 14:31

1

You can read the output via tcpdump -r; e.g. tcpdump -r /tmp/apache_outgoing.pcap

answered May 05 '17 at 14:31

Pak

score 0 · Answer 2 · answered May 05 '17 at 08:31

0

The question is : What are you trying to dump ?

Is the traffic encrypted such as HTTPs ?

Maybe you should investigate in this way because it seem to be your problem.

Note : You can analyse your pcap in Wireshark to get better visual aspect.

answered May 05 '17 at 08:31

P0pR0cK5

2 Answers2